Congratulations to MITRE CTID on receiving CTA’s Ecosystem Award. Your leadership in advancing threat‑informed defense continues to strengthen and protect our digital ecosystem. @cyallianceprez.bsky.social presents the award to Leslie Anderson.
#threatintelligence #cybersecurity @attack.mitre.org

BPFdoor in Telecom Networks: Sleeper Cells in the backbone A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor placing stealthy digital sleeper cells in telecommunications networks, in order to carry out h...

CTA member @rapid7.com uncovered stealth “sleeper cell” access embedded in telecommunications networks by a China-nexus threat actor. This type of compromise impacts everyone.
tinyurl.com/233r7e6t
#cybersecurity

Please join us in welcoming CTA's newest member @silentpush.bsky.social!
Their addition strengthens CTA’s mission to foster meaningful industry collaboration, and enhances our collective ability to share critical intelligence and protect the digital world.
tinyurl.com/55abxwxp
#cybersecurity #cyber

Congratulations to @rapid7.com for @cyberalliance.bsky.social's award for the most impactul early share for 2025, as voted on by our members.

www.rapid7.com/blog/post/sc...
#EarlyShare #cybersecurity #cyberesearch

CTA 2025 Year in Review - Cyber Threat Alliance

CTA's 2025 Year in Review! Data sharing soared. Engagement deepened. Our member and partner community grew stronger. And our voice in #cybersecurity news and thought leadership reached new heights.
This is what collective defense looks like in action. Dive into the full report.
tinyurl.com/mr255wvp

Geopolitical turmoil is reshaping long‑held assumptions in cybersecurity, and this panel will explore how fragmentation is influencing threat assessments, operational practices, partnerships, and the industry’s path forward.
us06web.zoom.us/webinar/regi...
#cybersecurity @cyallianceprez.bsky.social

Trump's National Cyber Strategy Leaves Industry Role Unclear The administration's cyber strategy pushes deeper public-private coordination and expanded threat visibility across critical infrastructure, but lacks specifics on

"Right now our ISPs and telecommunications companies could disrupt more malicious traffic that they know is transiting their networks, but they really have no incentive to do that because it's all downside and no upside for them," @cyallianceprez.bsky.social
tinyurl.com/ywy7hdpx
#cybersecurity

CNAS Insights | America’s AI Cyber Defense Gap Needs Congress to Act Developing strong, pragmatic and principled national security and defense policies.

Modernize CISA 2015 now: letting it lapse risks vital intel, but extending it unchanged wastes time. With AI reshaping threats and bipartisan support in place, Congress must act—stop extending and start updating.
tinyurl.com/ydu9sb5d
#cybersecurity #CISO2015 #cyberpolicy @cyallianceprez.bsky.social

Join us Monday, April 6th at 9 am EDT for CTA Webinar:
Shaken and Stirred: Geopolitics and Cybersecurity in 2026.
Panelists will discuss how geopolitical turmoil is reshaping cybersecurity assumptions and how fragmentation is influencing our path forward
Register: tinyurl.com/43a22327
#cybersecurity

Promptmorphism: How LLMs Are Mass-Producing Disposable Stage 1 Loaders How malware authors use LLM‑driven “promptmorphism” to endlessly reshape loaders—and what defenders must do to keep up

CTA member Gen Digital on how malware authors use LLM‑driven “promptmorphism” to endlessly reshape loaders—and what defenders must do to keep up...

www.gendigital.com/blog/insight...
#cybersecurity #cyberthreats #promptmorphism @cyberalliance.bsky.social @gendigital.bsky.social

How to Make Your SBOMs Actionable with PURLs | ReversingLabs Package URLs give software components an exact address to improve vulnerability matching, which reduces alert fatigue and simplifies compliance.

"Ambiguous package names & fragmented tracking methods leave organizations vulnerable to sophisticated supply chain attacks. By demanding PURLs in your SBOMs, you enforce a strict standard of visibility and accountability"
www.reversinglabs.com/blog/why-you...
#cybersecurity #SBOM @reversinglabs.com

How to avoid the fake buyers flooding Facebook Marketplace Avoid fake buyers on Facebook Marketplace. Discover common scam tactics, warning signs, and expert tips to stay safe when selling online.

Great article from CTA member on how to avoid fake buyers on Facebook Marketplace
blog.avast.com/how-to-avoid...

#cybersecurity #cyberthreats #fraud #scams @cyberalliance.bsky.social

CTA member @mcafee.com's tax season survey shows that nearly 1 in 4 Americans say they have fallend for a tax scam.
Read more...

www.mcafee.com/blogs/securi...
#cybersecurity #threatintelligence #cyberthreats #scam @cyberalliance.bsky.social

Iranian APT Activity During Geopolitical Escalation: Recommendations for Nozomi Customers and Critical Infrastructure Owners Amid war in the Middle East, Iranian cyber actors are escalating espionage and disruptive attacks, raising risks for global critical infrastructure. Here, Nozomi Networks provides a status update and ...

CTA member @nozominetworks.bsky.social offers recommendatons to critical infrastructure owners concerning Iranian APT activty

www.nozominetworks.com/blog/iranian...
#cybersecurity #cyberattacks #cyberthreats @cyberalliance.bsky.social

Update, March 10: Talos on the developing situation in the Middle East Cisco Talos updates this blog with additional IOCs, guidance, recommendations and timelines as of March 10, 2026.

CTA member @talosintelligence.com provides an update on the Middle East conflict
blog.talosintelligence.com/talos-develo...
#cybersecurity #cyberattacks #cyberthreats @cyberalliance.bsky.social

Insights: Increased Risk of Wiper Attacks We are observing an increase of wiper attacks by the Iran-linked Handala Hack group (aka Void Manticore) through phishing and misuse of Microsoft Intune.

CTA member @paloaltonetworks.com is tracking an increased risk of wiper attack related to the Iran conflict.
unit42.paloaltonetworks.com/handala-hack...

#cybersecurity #cyberthreats #cyberattacks @cyberalliance.bsky.social

Iran’s Cyber Playbook in the Escalating Regional Conflict Understand the cyber-related activities that Rapid7 Labs has observed in accordance with the tension in Iran, including hacktivism, phishing campaigns, data theft, and other disruptive operations.

CTA Member @rapid7.com provides an outline of the cyber activities associated with the Iranian conflict...

www.rapid7.com/blog/post/tr...
#cybersecurity #cyberattacks #cyberthreat #threatintelligence #cyberesearch @cyberalliance.bsky.social

The Digital Front of Iranian Cyber Offensive and Defensive Response — ExtraHop Following the U.S.-Israeli military strikes in February 2026, Iranian threat actors have transitioned to a decentralized "triple-threat" model that integrates generative AI to accelerate malware devel...

CTA member @extrahop.bsky.social provides analysis around the TTPs adn detection strategies for prominent Iranian-associated cyber theats.
#cybersecurity #cyberthreats

www.extrahop.com/blog/the-dig...

RSAC 2026 Conference is where the cybersecurity world unites from March 23–26 in San Francisco. Now's your LAST CHANCE to save $300 on an All Access Pass PLUS
CTA members save an additional $150 with code 16UCTAAD. Register by March 20th.
tinyurl.com/2ybbdwud
#cybersecurity #RSAC2026

CTA in Focus (March 2026) - Cyber Threat Alliance

CTA members and partners prove that meaningful collaboration transforms individual insights into a unified defense - sharing intelligence, disrupting threats, and fortifying the digital ecosystem together
Read our Q1 Newsletter - CTA in Focus
tinyurl.com/2cehf5s5
#cybersecurity #strongertogether

Give to Gain: A Call to Action for Equity, Growth, and Collective Power - Cyber Threat Alliance By Jeannette Jarvis, Chief Business Officer This International Women’s Day, I’m reflecting on a theme that resonates deeply: Give to Gain. It’s not just a slogan; it’s a strategy for transformation. I...

International Women's Day 2026.

Give to Gain: A Call to Action for Equity, Growth, and Collective Power. When we Give to Gain, we don’t just change outcomes. We change culture.

tinyurl.com/yp9vjv48

#IWD2026 #Womeninsecurity #cybersecurity #GivetoGain #empoweringwomen

CTA member Fortinet Fortiguard Labs provides information around the Iran conflict...

www.fortinet.com/blog/threat-...

#cybersecurity #cyberthreats #cyberrisk @cyberalliance.bsky.social

CTA Member @sophossecurity.bsky.social discussing hacktivist campaigns increasing as the Iran conflict intensifies
www.sophos.com/en-us/blog/h...
#cybersecurity #cyberthreats #cyberrisk @cyberalliance.bsky.social

Iranian APT Activity During Geopolitical Escalation: Recommendations for Nozomi Customers and Critical Infrastructure Owners Amid war in the Middle East, Iranian cyber actors are escalating espionage and disruptive attacks, raising risks for global critical infrastructure. Here, Nozomi Networks provides a status update and ...

CTA member @nozominetworks.bsky.social on Iranian APT activity during Middle East conflict
www.nozominetworks.com/blog/iranian...
#cybersecurity #cyberthreats #cyberrisk @cyberalliance.bsky.social

Talos on the developing situation in the Middle East Cisco Talos continues to monitor the ongoing conflict in the Middle East. As always, we will be watching closely for any cyber-related incidents that are tied to the conflict.

CTA member @talosintelligence.com on the situation in the Middle East
blog.talosintelligence.com/talos-develo...
#cybersecurity #cyberthreat #cyberrisk @cyberalliance.bsky.social

Threat Brief: March 2026 Escalation of Cyber Risk Related to Iran Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders.

CTA member @paloaltonetworks.com published a threat brief on the cyber risks related to Iran
unit42.paloaltonetworks.com/iranian-cybe...
#cybersecurity #cyberthreats #cyberrisk @cyberalliance.bsky.social

An executive’s online footprint can be more than a privacy issue, it’s also a business risk. 👣

Rapid7 Labs analyzed 100s of engagements from 2024-2025 to understand how exposed today’s executives really are, & what that means for the enterprise. Read on: https://r-7.co/46mH0E3

Force Multiplier in Cybersecurity: Sharing Intelligence in a Complex Threat Landscape - Cyber Threat Alliance By Jeannette Jarvis, Chief Business Officer For centuries, military leaders have sought ways to amplify their strategic capabilities, whether through stronger defenses, faster communication, or smarte...

For centuries militaries relied on “force multipliers” to amplify strategy. Today the battlefield is digital, the actors are blurred, and defenders need every edge. Shared, operationalized cyber threat intelligence is one of the strongest force multipliers we have
tinyurl.com/bdewj3cf
#cybersecurity

The Case for a National Cyber Metrics Dashboard - Aspen Digital Governments must work to develop national cyber metrics for cybersecurity to better inform decision-makers and allocate resources effectively.

Cyber-enabled espionage & critical infrastructure intrusions threaten national security, & most #cybersecurity experts predict things will only get worse. We don’t actually know how bad the problem is nationally because we lack national cyber metrics @cyallianceprez.bsky.social
tinyurl.com/3e9ypwu2

Valentine’s Day 2026 Cyber Scams Cyber criminals are targeting U.S. consumers ahead of Valentine’s Day 2026 with fake shopping sites, fraudulent dating platforms, and phishing domains. Learn how to spot Valentine‑themed scams, protec...

Love is in the Air - and So Are Scammers. Read our @cyberalliance.bsky.social member Check Point on what threats to watch out for as Valentine's Day approaches:

blog.checkpoint.com/research/lov...
#cybersecurity #scam #cyberthreats